Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/THgUh4j0K298RkL13MegdHZm1JU.roa
File: THgUh4j0K298RkL13MegdHZm1JU.roa (raw, json)
Hash identifier: mDKSRAaadJbdiEyKqcjKvGy5CqNSS8Lb0CtIVDQ7PMQ=
Subject key identifier: 4C:78:14:87:88:F4:2B:6F:7C:46:42:F5:DC:C7:A0:74:76:66:D4:95
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018CC5010996A52046BFAD16C79C1A1F9613
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/THgUh4j0K298RkL13MegdHZm1JU.roa
Signing time: Mon 01 Jan 2024 12:30:28 +0000
ROA not before: Mon 01 Jan 2024 12:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 84.54.33.0/24 maxlen: 24
193.218.34.0/24 maxlen: 24
45.83.28.0/24 maxlen: 24
2a0b:64c5::/32 maxlen: 48
2a0b:64c7::/32 maxlen: 32
2a0b:64c4::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 25 Apr 2024 05:47:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:09:96:a5:20:46:bf:ad:16:c7:9c:1a:1f:96:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 12:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c78148788f42b6f7c4642f5dcc7a0747666d495
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:1f:7a:6a:82:c4:54:9b:ef:c9:29:7a:a3:b8:
60:cc:a4:81:e3:b1:86:f6:b6:89:a9:a8:21:01:82:
1f:8d:a5:66:b3:28:6e:e6:ac:c7:e2:3f:68:31:ae:
52:67:ae:20:f8:bd:87:26:5c:7f:cb:45:af:db:74:
af:6d:0f:d5:bb:3e:b6:79:76:f5:87:1d:a2:8f:c4:
22:99:0b:8d:bc:b5:bf:7b:80:ff:59:97:bc:28:fa:
0d:94:d5:d7:79:29:74:a8:f5:2a:a9:43:6a:13:b3:
dc:6d:39:cc:11:fc:b9:7e:72:67:e9:33:a9:ae:2e:
95:37:37:62:51:93:39:c4:6e:0f:b0:8e:7c:41:17:
24:56:a1:95:9a:6a:2d:f8:37:98:de:1c:23:7e:ab:
51:99:6b:23:ae:27:df:de:5d:e0:4c:8f:ea:53:9b:
eb:1d:e6:66:2a:15:ee:e1:57:df:81:80:96:92:76:
bb:c6:e0:a0:b2:dc:00:bd:7c:88:4e:a3:18:b3:89:
11:3e:99:fc:24:76:5e:59:db:6c:42:f2:17:b0:1d:
40:f2:1b:d9:cf:65:82:f3:74:5a:70:73:b5:e0:13:
c6:da:56:03:cc:fc:4b:1f:53:79:2d:12:58:4f:96:
1b:60:df:a5:4d:c6:be:3f:cf:e4:51:ef:de:c6:00:
24:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:78:14:87:88:F4:2B:6F:7C:46:42:F5:DC:C7:A0:74:76:66:D4:95
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/THgUh4j0K298RkL13MegdHZm1JU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.28.0/24
84.54.33.0/24
193.218.34.0/24
IPv6:
2a0b:64c4::/31
2a0b:64c7::/32
Signature Algorithm: sha256WithRSAEncryption
14:e2:df:fa:4f:78:4d:77:2f:6f:b7:23:62:2e:5c:6d:80:be:
a6:e0:ed:8f:98:19:b5:53:c9:53:1a:01:bc:22:58:a4:69:44:
97:0a:a2:bd:99:c1:b0:1b:f7:91:25:56:b8:1f:f1:53:b7:32:
5f:34:38:b6:7e:5e:4d:2b:33:9f:a9:c1:4f:2b:bf:b0:63:f1:
65:fd:bf:40:42:25:d9:63:59:6c:ba:51:09:c4:b6:58:d4:b3:
5f:60:5a:59:28:e0:1f:34:ec:fa:cf:4b:65:86:81:a1:57:7f:
47:b8:06:d3:88:89:17:a5:29:c5:54:44:8e:70:04:b0:de:0d:
2a:66:74:30:9e:cd:10:8f:7c:3c:75:78:66:c3:e6:1a:4f:5a:
1c:b3:a2:fc:b3:75:fa:42:d6:56:19:69:55:3e:c6:ec:c8:b1:
75:04:4e:b8:cf:e7:ff:00:0f:0c:d6:8c:fa:f9:65:ea:bd:e3:
63:75:ce:6f:81:4c:68:74:96:a1:c9:e9:83:f9:ec:34:43:85:
39:be:e4:5d:05:b0:76:22:b5:9f:7f:7f:29:81:96:c0:f8:33:
e3:0d:66:5a:b8:cd:78:58:f9:91:d8:13:6b:7c:98:78:b7:48:
43:4d:9e:ad:8d:a5:e2:52:e9:57:3a:79:f7:cb:8c:65:95:20:
00:9e:da:49
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzFAQmWpSBGv60Wx5waH5YTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMTAxMTIzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Yzc4MTQ4Nzg4ZjQyYjZmN2M0NjQyZjVkY2M3YTA3NDc2NjZkNDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiB96aoLEVJvvySl6o7hgzKSB47GG
9raJqaghAYIfjaVmsyhu5qzH4j9oMa5SZ64g+L2HJlx/y0Wv23SvbQ/Vuz62eXb1
hx2ij8QimQuNvLW/e4D/WZe8KPoNlNXXeSl0qPUqqUNqE7PcbTnMEfy5fnJn6TOp
ri6VNzdiUZM5xG4PsI58QRckVqGVmmot+DeY3hwjfqtRmWsjriff3l3gTI/qU5vr
HeZmKhXu4VffgYCWkna7xuCgstwAvXyITqMYs4kRPpn8JHZeWdtsQvIXsB1A8hvZ
z2WC83RacHO14BPG2lYDzPxLH1N5LRJYT5YbYN+lTca+P8/kUe/exgAk+wIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFEx4FIeI9CtvfEZC9dzHoHR2ZtSVMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvVEhnVWg0ajBLMjk4UmtMMTNNZWdkSFptMUpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQALVMcAwQA
VDYhAwQAwdoiMBQEAgACMA4DBQEqC2TEAwUAKgtkxzANBgkqhkiG9w0BAQsFAAOC
AQEAFOLf+k94TXcvb7cjYi5cbYC+puDtj5gZtVPJUxoBvCJYpGlElwqivZnBsBv3
kSVWuB/xU7cyXzQ4tn5eTSszn6nBTyu/sGPxZf2/QEIl2WNZbLpRCcS2WNSzX2Ba
WSjgHzTs+s9LZYaBoVd/R7gG04iJF6UpxVREjnAEsN4NKmZ0MJ7NEI98PHV4ZsPm
Gk9aHLOi/LN1+kLWVhlpVT7G7MixdQROuM/n/wAPDNaM+vll6r3jY3XOb4FMaHSW
ocnpg/nsNEOFOb7kXQWwdiK1n39/KYGWwPgz4w1mWrjNeFj5kdgTa3yYeLdIQ02e
rY2l4lLpVzp598uMZZUgAJ7aSQ==
-----END CERTIFICATE-----
Generated at Thu Apr 25 06:45:53 2024 by rpki-client on console-fra.rpki-client.org